Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
rockyRockylinux Product ErrataRLSA-2022:6590
HistorySep 20, 2022 - 11:37 a.m.

mysql security, bug fix, and enhancement update

2022-09-2011:37:11
Rockylinux Product Errata
errata.rockylinux.org
20

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

0.002 Low

EPSS

Percentile

54.2%

JSON

An update is available for mysql.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

The following packages have been upgraded to a later upstream version: mysql (8.0.30). (BZ#2122589)

Security Fix(es):

  • mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479)

  • mysql: Server: DML unspecified vulnerability (CPU Apr 2022) (CVE-2022-21413)

  • mysql: Server: Replication unspecified vulnerability (CPU Apr 2022) (CVE-2022-21415)

  • mysql: InnoDB multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21423)

  • mysql: Server: DDL multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21425, CVE-2022-21444)

  • mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) (CVE-2022-21427)

  • mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2022) (CVE-2022-21454)

  • mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Jul 2022) (CVE-2022-21455)

  • mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Apr 2022) (CVE-2022-21457)

  • mysql: Server: Logging unspecified vulnerability (CPU Apr 2022) (CVE-2022-21460)

  • mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21556, CVE-2022-21569)

  • mysql: Server: Options unspecified vulnerability (CPU Jul 2022) (CVE-2022-21515)

  • mysql: InnoDB multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21517, CVE-2022-21537, CVE-2022-21539)

  • mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21522, CVE-2022-21534)

  • mysql: Server: Federated unspecified vulnerability (CPU Jul 2022) (CVE-2022-21547)

  • mysql: Server: Security: Encryption unspecified vulnerability (CPU Jul 2022) (CVE-2022-21538)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Default logrotate set to wrong log file (BZ#2122592)
OSVersionArchitecturePackageVersionFilename
rocky9aarch64mysql< 8.0.30-3.el9_0mysql-0:8.0.30-3.el9_0.aarch64.rpm
rocky9ppc64lemysql< 8.0.30-3.el9_0mysql-0:8.0.30-3.el9_0.ppc64le.rpm
rocky9s390xmysql< 8.0.30-3.el9_0mysql-0:8.0.30-3.el9_0.s390x.rpm
rocky9x86_64mysql< 8.0.30-3.el9_0mysql-0:8.0.30-3.el9_0.x86_64.rpm
rocky9aarch64mysql-common< 8.0.30-3.el9_0mysql-common-0:8.0.30-3.el9_0.aarch64.rpm
rocky9ppc64lemysql-common< 8.0.30-3.el9_0mysql-common-0:8.0.30-3.el9_0.ppc64le.rpm
rocky9s390xmysql-common< 8.0.30-3.el9_0mysql-common-0:8.0.30-3.el9_0.s390x.rpm
rocky9x86_64mysql-common< 8.0.30-3.el9_0mysql-common-0:8.0.30-3.el9_0.x86_64.rpm
rocky9aarch64mysql-debuginfo< 8.0.30-3.el9_0mysql-debuginfo-0:8.0.30-3.el9_0.aarch64.rpm
rocky9ppc64lemysql-debuginfo< 8.0.30-3.el9_0mysql-debuginfo-0:8.0.30-3.el9_0.ppc64le.rpm
Rows per page:
1-10 of 521

Related

nessus 20
redhat 3
osv 20
oraclelinux 2
almalinux 2
cloudfoundry 2
openvas 23
ubuntu 4
altlinux 1
fedora 2
ibm 2
freebsd 2
photon 4
f5 8
rocky 1
cnvd 8
prion 19
redhatcve 13
ubuntucve 18
cve 12
debiancve 11
veracode 12
cbl_mariner 10
nessus
nessus
RHEL 9 : mysql (RHSA-2022:6590)
2022-09-21 00:00:00
AlmaLinux 9 : mysql (ALSA-2022:6590)
2022-11-16 00:00:00
Rocky Linux 9 : mysql (RLSA-2022:6590)
2023-11-07 00:00:00
redhat
redhat
(RHSA-2022:6590) Moderate: mysql security, bug fix, and enhancement update
2022-09-20 11:37:11
(RHSA-2022:7119) Moderate: mysql:8.0 security, bug fix, and enhancement update
2022-10-25 07:30:28
(RHSA-2022:6518) Moderate: rh-mysql80-mysql security, bug fix, and enhancement update
2022-09-14 12:59:54
osv
osv
Moderate: mysql security, bug fix, and enhancement update
2022-09-20 00:00:00
Moderate: mysql security, bug fix, and enhancement update
2022-09-20 11:37:11
mysql-5.7, mysql-8.0 vulnerabilities
2022-05-03 11:13:45
oraclelinux
oraclelinux
mysql security, bug fix, and enhancement update
2022-09-22 00:00:00
mysql:8.0 security, bug fix, and enhancement update
2022-10-27 00:00:00
almalinux
almalinux
Moderate: mysql security, bug fix, and enhancement update
2022-09-20 00:00:00
Moderate: mysql:8.0 security, bug fix, and enhancement update
2022-10-25 00:00:00
cloudfoundry
cloudfoundry
USN-5400-1: MySQL vulnerabilities | Cloud Foundry
2022-05-26 00:00:00
USN-5537-1: MySQL vulnerabilities | Cloud Foundry
2022-08-26 00:00:00
openvas
openvas
Oracle MySQL Server 8.0 <= 8.0.29 Security Update (cpujul2022) - Windows
2022-07-21 00:00:00
Ubuntu: Security Advisory (USN-5400-1)
2022-05-04 00:00:00
Oracle MySQL Server 8.0 <= 8.0.28 Security Update (cpuapr2022) - Windows
2022-04-25 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2022-05-03 00:00:00
MySQL vulnerabilities
2022-07-28 00:00:00
MySQL vulnerabilities
2022-05-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package MySQL version 8.0.29-alt1
2022-07-05 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: community-mysql-8.0.30-2.fc36
2022-08-22 01:11:28
[SECURITY] Fedora 35 Update: community-mysql-8.0.30-2.fc35
2022-08-22 01:35:18
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities in Oracle® MySQL
2023-01-25 21:00:47
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities
2022-11-08 16:20:11
freebsd
freebsd
MySQL -- Multiple vulnerabilities
2022-04-16 00:00:00
MySQL -- Multiple vulnerabilities
2022-07-19 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2022-0187
2022-05-20 00:00:00
Moderate Photon OS Security Update - PHSA-2022-4.0-0187
2022-05-20 00:00:00
Important Photon OS Security Update - PHSA-2022-0415
2022-07-07 00:00:00
f5
f5
K63314101 : Multiple MySQL vulnerabilities
2022-05-11 00:00:00
K51585448 : Multiple MySQL vulnerabilities CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531
2022-09-06 00:00:00
K15094237 : MySQL vulnerabilities CVE-2022-21460, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479, CVE-2022-21482
2022-05-11 00:00:00
rocky
rocky
mysql:8.0 security, bug fix, and enhancement update
2022-10-25 07:30:28
cnvd
cnvd
Oracle MySQL Denial of Service Vulnerability (CNVD-2022-91134)
2022-10-19 00:00:00
Oracle MySQL Denial of Service Vulnerability (CNVD-2022-91135)
2022-10-19 00:00:00
Oracle MySQL Server Denial of Service Vulnerability (CNVD-2022-54311)
2022-07-22 00:00:00
prion
prion
Code injection
2022-10-18 21:15:00
Code injection
2023-01-18 00:15:00
Design/Logic Flaw
2022-10-18 21:15:00
redhatcve
redhatcve
CVE-2023-21872
2023-01-19 10:04:21
CVE-2022-21415
2022-05-06 17:24:33
CVE-2022-21459
2022-05-06 16:55:17
ubuntucve
ubuntucve
CVE-2023-21872
2023-01-18 00:00:00
CVE-2022-21459
2022-04-19 00:00:00
CVE-2022-21517
2022-07-19 00:00:00
cve
cve
CVE-2023-21866
2023-01-18 00:15:15
CVE-2022-21415
2022-04-19 21:15:00
CVE-2022-21635
2022-10-18 21:15:00
debiancve
debiancve
CVE-2022-21635
2022-10-18 21:15:00
CVE-2022-21457
2022-04-19 21:15:00
CVE-2022-21423
2022-04-19 21:15:00
veracode
veracode
Denial Of Service (DoS)
2022-11-10 00:30:07
Denial Of Service (DoS)
2022-11-10 00:30:46
Denial Of Service (DoS)
2022-11-10 00:33:29
cbl_mariner
cbl_mariner
CVE-2022-21635 affecting package mysql 8.0.29-1
2022-11-03 20:38:25
CVE-2022-21635 affecting package mysql 8.0.29-1
2022-11-24 00:46:05
CVE-2022-21641 affecting package mysql 8.0.29-1
2022-11-24 00:46:05

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

0.002 Low

EPSS

Percentile

54.2%

JSON
Related for RLSA-2022:6590
nessus20redhat3osv20oraclelinux2almalinux2cloudfoundry2openvas23ubuntu4altlinux1fedora2ibm2freebsd2photon4f58rocky1cnvd8prion19redhatcve13ubuntucve18cve12debiancve11veracode12cbl_mariner10